LowFile-scopeJavaScript / TypeScript Plug & play

Always validate JSON parsing

Ensure that JSON data is validated before parsing. Parsing untrusted JSON without validation can result in runtime errors or vulnerabilities.

Add to Mesrai Open workspace

Why this matters

Parsing untrusted JSON without validation can result in runtime errors or vulnerabilities. Always validate the structure of parsed JSON to ensure it meets expected requirements.

Bad vs. good

Side-by-side examples engineers can pattern-match during review.

Avoid

const data = JSON.parse(userInput); // No validation

Prefer

try {
  const data = JSON.parse(userInput);
  if (typeof data !== 'object' || Array.isArray(data)) {
    throw new Error('Invalid JSON structure');
  }
} catch (err) {
  console.error('JSON parsing error:', err);
}

More snippets

Bad

const data = JSON.parse(userInput); // No validation

Good

try {
  const data = JSON.parse(userInput);
  if (typeof data !== 'object' || Array.isArray(data)) {
    throw new Error('Invalid JSON structure');
  }
} catch (err) {
  console.error('JSON parsing error:', err);
}

Related rules

From the same buckets as this rule.

Critical
Avoid equality operators in loop termination conditions
Check if loops use equality operators (== or !=) in termination conditions. These can lead to infinite loops if the condition is never met exactly. Instead, use relational operators like < or > for safer loop termination.
error-handlingreadability-refactor
Critical
Avoid Returning Null in Non-Async Task Methods
Returning null from a Task or Task<T> method causes a NullReferenceException if awaited. Use Task.CompletedTask or Task.FromResult<T>(null) instead.
error-handlingreadability-refactor+1
Critical
Avoid Using Boolean Expressions in `except` Statements
Detect `except` clauses that use `or` or `and` to catch multiple exceptions. This does not work as intended. Recommend using a tuple of exceptions instead.
error-handlingstack-python

Bad vs. good

Side-by-side examples engineers can pattern-match during review.

Avoid

const data = JSON.parse(userInput); // No validation

Prefer

try {
  const data = JSON.parse(userInput);
  if (typeof data !== 'object' || Array.isArray(data)) {
    throw new Error('Invalid JSON structure');
  }
} catch (err) {
  console.error('JSON parsing error:', err);
}

More snippets

Bad

const data = JSON.parse(userInput); // No validation

Good

try {
  const data = JSON.parse(userInput);
  if (typeof data !== 'object' || Array.isArray(data)) {
    throw new Error('Invalid JSON structure');
  }
} catch (err) {
  console.error('JSON parsing error:', err);
}

Related rules

From the same buckets as this rule.

Critical

Avoid equality operators in loop termination conditions

Check if loops use equality operators (== or !=) in termination conditions. These can lead to infinite loops if the condition is never met exactly. Instead, use relational operators like < or > for safer loop termination.

error-handlingreadability-refactor

Critical

Avoid Returning Null in Non-Async Task Methods

Returning null from a Task or Task<T> method causes a NullReferenceException if awaited. Use Task.CompletedTask or Task.FromResult<T>(null) instead.

error-handlingreadability-refactor+1

Critical

Avoid Using Boolean Expressions in `except` Statements

Detect `except` clauses that use `or` or `and` to catch multiple exceptions. This does not work as intended. Recommend using a tuple of exceptions instead.

error-handlingstack-python